电视盒子api

application/common/controller/Apitv.php

@@ -0,0 +1,569 @@
+<?php
+
+namespace app\common\controller;
+
+use app\common\library\Auth;
+use think\Config;
+use think\exception\HttpResponseException;
+use think\exception\ValidateException;
+use think\Hook;
+use think\Lang;
+use think\Loader;
+use think\Request;
+use think\Response;
+use think\Route;
+use think\Validate;
+use Redis;
+
+/**
+ * API控制器基类
+ */
+class Apitv
+{
+
+    /**
+     * @var Request Request 实例
+     */
+    protected $request;
+
+    /**
+     * @var bool 验证失败是否抛出异常
+     */
+    protected $failException = false;
+
+    /**
+     * @var bool 是否批量验证
+     */
+    protected $batchValidate = false;
+
+    /**
+     * @var array 前置操作方法列表
+     */
+    protected $beforeActionList = [];
+
+    /**
+     * 无需登录的方法,同时也就不需要鉴权了
+     * @var array
+     */
+    protected $noNeedLogin = [];
+
+    /**
+     * 无需鉴权的方法,但需要登录
+     * @var array
+     */
+    protected $noNeedRight = [];
+
+    /**
+     * 权限Auth
+     * @var Auth
+     */
+    protected $auth = null;
+
+    /**
+     * 默认响应输出类型,支持json/xml
+     * @var string
+     */
+    protected $responseType = 'json';
+
+    /**
+     * @var int 日志类型 1 文件；2sql
+     */
+    public $logType = 2;
+
+    /**
+     * 构造方法
+     * @access public
+     * @param Request $request Request 对象
+     */
+    public function __construct(Request $request = null)
+    {
+        $this->request = is_null($request) ? Request::instance() : $request;
+
+        if(config('site.apisite_switch') == 0){
+            $controllername = $this->request->controller();
+            $controllername = strtolower($controllername);
+
+            if(!in_array($controllername,['notify','easemob','payios'])){
+                $notice = config('site.apisite_notice') ?: '全站维护中';
+                $this->error($notice);
+            }
+        }
+
+        // 控制器初始化
+        $this->_initialize();
+        //日志
+        $this->request_log();
+        //用户活跃
+        $this->user_active();
+
+        // 前置操作方法
+        if ($this->beforeActionList) {
+            foreach ($this->beforeActionList as $method => $options) {
+                is_numeric($method) ?
+                    $this->beforeAction($options) :
+                    $this->beforeAction($method, $options);
+            }
+        }
+    }
+
+    /**
+     * 初始化操作
+     * @access protected
+     */
+    protected function _initialize()
+    {
+        //跨域请求检测
+        check_cors_request();
+
+        // 检测IP是否允许
+        check_ip_allowed();
+
+        //移除HTML标签
+        $this->request->filter('trim,strip_tags,htmlspecialchars');
+
+        $this->auth = Auth::instance();
+
+        $modulename = $this->request->module();
+        $controllername = Loader::parseName($this->request->controller());
+        $actionname = strtolower($this->request->action());
+
+        // token
+        $token = $this->request->server('HTTP_TOKEN', $this->request->request('token', \think\Cookie::get('token')));
+
+        $path = str_replace('.', '/', $controllername) . '/' . $actionname;
+        // 设置当前请求的URI
+        $this->auth->setRequestUri($path);
+        // 检测是否需要验证登录
+        if (!$this->auth->match($this->noNeedLogin)) {
+            //初始化
+            $this->auth->init($token);
+            //检测是否登录
+            if (!$this->auth->isLogin()) {
+                $this->error(__('Please login first'), null, 401);
+            }
+            // 判断是否需要验证权限
+            /*if (!$this->auth->match($this->noNeedRight)) {
+                // 判断控制器和方法判断是否有对应权限
+                if (!$this->auth->check($path)) {
+                    $this->error(__('You have no permission'), null, 403);
+                }
+            }*/
+        } else {
+            // 如果有传递token才验证是否登录状态
+            if ($token) {
+                $this->auth->init($token);
+                //传就必须传对
+                if (!$this->auth->isLogin()) {
+                    $this->error(__('Please login first'), null, 401);
+                }
+            }
+        }
+
+        $upload = \app\common\model\Config::upload();
+
+        // 上传信息配置后
+        Hook::listen("upload_config_init", $upload);
+
+        Config::set('upload', array_merge(Config::get('upload'), $upload));
+
+        // 加载当前控制器语言包
+        $this->loadlang($controllername);
+    }
+
+    /**
+     * 加载语言文件
+     * @param string $name
+     */
+    protected function loadlang($name)
+    {
+        $name = Loader::parseName($name);
+        $name = preg_match("/^([a-zA-Z0-9_\.\/]+)\$/i", $name) ? $name : 'index';
+        $lang = $this->request->langset();
+        $lang = preg_match("/^([a-zA-Z\-_]{2,10})\$/i", $lang) ? $lang : 'zh-cn';
+        Lang::load(APP_PATH . $this->request->module() . '/lang/' . $lang . '/' . str_replace('.', '/', $name) . '.php');
+    }
+
+    /**
+     * 操作成功返回的数据
+     * @param string $msg    提示信息
+     * @param mixed  $data   要返回的数据
+     * @param int    $code   错误码，默认为1
+     * @param string $type   输出类型
+     * @param array  $header 发送的 Header 信息
+     */
+    protected function success($msg = '', $data = null, $code = 1, $type = null, array $header = [])
+    {
+        if($msg == 1){
+            $msg = 'success';
+        }
+        if(empty($msg)){
+            $msg = '操作成功';
+        }
+        $this->result($msg, $data, $code, $type, $header);
+    }
+
+    /**
+     * 操作失败返回的数据
+     * @param string $msg    提示信息
+     * @param mixed  $data   要返回的数据
+     * @param int    $code   错误码，默认为0
+     * @param string $type   输出类型
+     * @param array  $header 发送的 Header 信息
+     */
+    protected function error($msg = '', $data = null, $code = 0, $type = null, array $header = [])
+    {
+        if(empty($msg)){
+            $msg = __('Invalid parameters');
+        }
+        $this->result($msg, $data, $code, $type, $header);
+    }
+
+    /**
+     * 返回封装后的 API 数据到客户端
+     * @access protected
+     * @param mixed  $msg    提示信息
+     * @param mixed  $data   要返回的数据
+     * @param int    $code   错误码，默认为0
+     * @param string $type   输出类型，支持json/xml/jsonp
+     * @param array  $header 发送的 Header 信息
+     * @return void
+     * @throws HttpResponseException
+     */
+    protected function result($msg, $data = null, $code = 0, $type = null, array $header = [])
+    {
+        $result = [
+            'code' => $code,
+            'msg'  => $msg,
+            'time' => Request::instance()->server('REQUEST_TIME'),
+            'data' => $data,
+        ];
+
+        //日志
+        $this->request_log_update($result);
+
+        // 如果未设置类型则使用默认类型判断
+        $type = $type ? : $this->responseType;
+
+        if (isset($header['statuscode'])) {
+            $code = $header['statuscode'];
+            unset($header['statuscode']);
+        } else {
+            //未设置状态码,根据code值判断
+            $code = $code >= 1000 || $code < 200 ? 200 : $code;
+        }
+        $response = Response::create($result, $type, $code)->header($header);
+        throw new HttpResponseException($response);
+    }
+
+    /**
+     * 前置操作
+     * @access protected
+     * @param string $method  前置操作方法名
+     * @param array  $options 调用参数 ['only'=>[...]] 或者 ['except'=>[...]]
+     * @return void
+     */
+    protected function beforeAction($method, $options = [])
+    {
+        if (isset($options['only'])) {
+            if (is_string($options['only'])) {
+                $options['only'] = explode(',', $options['only']);
+            }
+
+            if (!in_array($this->request->action(), $options['only'])) {
+                return;
+            }
+        } elseif (isset($options['except'])) {
+            if (is_string($options['except'])) {
+                $options['except'] = explode(',', $options['except']);
+            }
+
+            if (in_array($this->request->action(), $options['except'])) {
+                return;
+            }
+        }
+
+        call_user_func([$this, $method]);
+    }
+
+    /**
+     * 设置验证失败后是否抛出异常
+     * @access protected
+     * @param bool $fail 是否抛出异常
+     * @return $this
+     */
+    protected function validateFailException($fail = true)
+    {
+        $this->failException = $fail;
+
+        return $this;
+    }
+
+    /**
+     * 验证数据
+     * @access protected
+     * @param array        $data     数据
+     * @param string|array $validate 验证器名或者验证规则数组
+     * @param array        $message  提示信息
+     * @param bool         $batch    是否批量验证
+     * @param mixed        $callback 回调方法（闭包）
+     * @return array|string|true
+     * @throws ValidateException
+     */
+    protected function validate($data, $validate, $message = [], $batch = false, $callback = null)
+    {
+        if (is_array($validate)) {
+            $v = Loader::validate();
+            $v->rule($validate);
+        } else {
+            // 支持场景
+            if (strpos($validate, '.')) {
+                list($validate, $scene) = explode('.', $validate);
+            }
+
+            $v = Loader::validate($validate);
+
+            !empty($scene) && $v->scene($scene);
+        }
+
+        // 批量验证
+        if ($batch || $this->batchValidate) {
+            $v->batch(true);
+        }
+        // 设置错误信息
+        if (is_array($message)) {
+            $v->message($message);
+        }
+        // 使用回调验证
+        if ($callback && is_callable($callback)) {
+            call_user_func_array($callback, [$v, &$data]);
+        }
+
+        if (!$v->check($data)) {
+            if ($this->failException) {
+                throw new ValidateException($v->getError());
+            }
+
+            return $v->getError();
+        }
+
+        return true;
+    }
+
+    /**
+     * 刷新Token
+     */
+    protected function token()
+    {
+        $token = $this->request->param('__token__');
+
+        //验证Token
+        if (!Validate::make()->check(['__token__' => $token], ['__token__' => 'require|token'])) {
+            $this->error(__('Token verification error'), ['__token__' => $this->request->token()]);
+        }
+
+        //刷新Token
+        $this->request->token();
+    }
+
+    /**
+     * 接口请求限制
+     * @param int $apiLimit
+     * @param int $apiLimitTime
+     * @param string $key
+     * @return bool | true:通过 false:拒绝
+     */
+    public function apiLimit($apiLimit = 1, $apiLimitTime = 1000, $key = '')
+    {
+        $userId = $this->auth->id;
+        $controller = request()->controller();
+        $action = request()->action();
+
+        if (!$key) {
+            $key = strtolower($controller) . '_' . strtolower($action) . '_' . $userId;
+        }
+
+        $redis = new Redis();
+        $redisconfig = config("redis");
+        $redis->connect($redisconfig["host"], $redisconfig["port"]);
+        if ($redisconfig['redis_pwd']) {
+            $redis->auth($redisconfig['redis_pwd']);
+        }
+        if($redisconfig['redis_selectdb'] > 0){
+            $redis->select($redisconfig['redis_selectdb']);
+        }
+
+        //
+        //指定键值新增+1 并获取
+        $count = $redis->incr($key);
+        if ($count > $apiLimit) {
+            return false;
+        }
+
+        //设置过期时间
+        if ($count == 1) {
+            $redis->pExpire($key, $apiLimitTime);
+        }
+
+        return true;
+    }
+
+    /*
+     * api 请求日志
+     * */
+    protected function request_log(){
+
+        //api_request_log
+        $modulename     = $this->request->module();
+        $controllername = $this->request->controller();
+        $actionname     = $this->request->action();
+
+        if(strtolower($actionname) == 'callback'){
+            return true;
+        }
+
+        defined('API_REQUEST_LOG_TYPE') or define('API_REQUEST_LOG_TYPE', $this->logType);
+        $params = input();
+        if ($this->logType === 1){
+            //日志统一写入
+            register_shutdown_function([new LogUtil, 'close']);
+            LogUtil::getInstance('Api/'); //设置日志存入通道
+
+            LogUtil::info('uid', 'Api-Middleware-Log', 'request_log', $this->auth->id);
+            LogUtil::info('api', 'Api-Middleware-Log', 'request_log', $modulename . '/' . $controllername . '/' . $actionname);
+            LogUtil::info('params', 'Api-Middleware-Log', 'request_log', json_encode($params));
+            LogUtil::info('ip', 'Api-Middleware-Log', 'request_log', request()->ip());
+
+        }else{
+            $data = [
+                'uid'   => $this->auth->id,
+                'api'   => $modulename.'/'.$controllername.'/'.$actionname,
+                'params' => json_encode($params),
+                'addtime'  => time(),
+                'adddatetime'  => date('Y-m-d H:i:s'),
+                'ip'   => request()->ip(),
+            ];
+            $request_id = db('api_request_log')->insertGetId($data);
+            defined('API_REQUEST_ID') or define('API_REQUEST_ID', $request_id);
+        }
+    }
+
+    protected function request_log_update($log_result){
+
+        if ($this->logType === 1){
+            if (strlen(json_encode($log_result['data'])) > 1000) {
+                //$log_result['data'] = '数据太多，不记录';
+            }
+            LogUtil::info('result', 'Api-Middleware-Log', 'request_log', $log_result);
+        }else{
+            if(defined('API_REQUEST_ID')) { //记录app正常返回结果
+                if(strlen(json_encode($log_result['data'])) > 1000) {
+                    //$log_result['data'] = '数据太多，不记录';
+                }
+                db('api_request_log')->where('id',API_REQUEST_ID)->update(['result'=>json_encode($log_result)]);
+            }
+        }
+    }
+
+    //更新用户活跃
+    protected function user_active(){
+        if($this->auth->isLogin()){
+            db('user_active')->where('user_id',$this->auth->id)->update(['requesttime'=>time()]);
+        }
+    }
+
+    //获取用户是否活跃，7200秒，2小时
+    //1活跃，0不活跃
+    protected function user_activeinfo($user_id,$requesttime = 0){
+
+        if(empty($requesttime)){
+            $requesttime = db('user_active')->where('user_id',$user_id)->value('requesttime');
+        }
+
+        $result = [
+            'is_active' => 1,
+            'active_text' => get_last_time($requesttime).'在线',
+        ];
+
+        if(time() - $requesttime > 7200){
+            $result = [
+                'is_active' => 0,
+                'active_text' => '离线',
+            ];
+        }
+
+        return $result;
+    }
+
+    //获取用户是否vip，1是，0否
+    protected function is_vip($user_id){
+        $result = 0;
+
+        $vip_endtime = db('user_wallet')->where('user_id',$user_id)->value('vip_endtime');
+        $result = $vip_endtime > time() ? 1 : 0;
+
+        return $result;
+    }
+
+    //用户是否有某项权限
+    //1有，0没有
+    protected function user_power($user_id,$power = ''){
+        $is_vip = $this->is_vip($user_id);
+        if($is_vip != 1){
+            return 0;
+        }
+        $power = db('user_power')->where('user_id',$user_id)->value($power);
+        return $power;
+
+    }
+
+    //是否关注
+    protected function is_follow($uid,$follow_uid){
+        $where = [
+            'uid' => $uid,
+            'follow_uid' => $follow_uid,
+        ];
+        $check = db('user_follow')->where($where)->find();
+        if($check){
+            return 1;
+        }else{
+            return 0;
+        }
+    }
+
+    //是否拉黑
+    protected function is_black($uid,$black_user_id){
+        $where = [
+            'user_id' => $uid,
+            'black_user_id' => $black_user_id,
+        ];
+        $check = db('user_blacklist')->where($where)->find();
+        if($check){
+            return 1;
+        }else{
+            return 0;
+        }
+    }
+
+    //是否好友
+    protected function is_friend($uid,$follow_uid){
+        $is_follow = $this->is_follow($uid,$follow_uid);
+        $be_follow = $this->is_follow($follow_uid,$uid);
+        if($is_follow && $be_follow){
+            return 1;
+        }
+        return 0;
+    }
+
+    //实名认证限制功能
+    //true  不需要实名认证，不受限
+    //false 需要实名认证，受限
+    protected function user_auth_limit(){
+
+        if($this->auth->idcard_status == 1){
+            return true; //已实名，不受限
+        }else{
+            return false;
+        }
+
+    }
+}